diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | acconfig.h | 5 | ||||
-rw-r--r-- | configure.ac | 3 | ||||
-rw-r--r-- | readconf.c | 2 | ||||
-rw-r--r-- | serverloop.c | 7 |
5 files changed, 17 insertions, 6 deletions
@@ -1,3 +1,7 @@ | |||
1 | 20020709 | ||
2 | - (bal) NO_IPPORT_RESERVED_CONCEPT used instead of CYGWIN so other platforms | ||
3 | lacking that concept can share it. Patch by vinschen@redhat.com | ||
4 | |||
1 | 20020708 | 5 | 20020708 |
2 | - (tim) [openssh/contrib/solaris/buildpkg.sh] add PKG_INSTALL_ROOT to | 6 | - (tim) [openssh/contrib/solaris/buildpkg.sh] add PKG_INSTALL_ROOT to |
3 | work in a jumpstart environment. patch by kbrint@rufus.net | 7 | work in a jumpstart environment. patch by kbrint@rufus.net |
@@ -1316,4 +1320,4 @@ | |||
1316 | - (stevesk) entropy.c: typo in debug message | 1320 | - (stevesk) entropy.c: typo in debug message |
1317 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ | 1321 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ |
1318 | 1322 | ||
1319 | $Id: ChangeLog,v 1.2351 2002/07/09 02:17:10 tim Exp $ | 1323 | $Id: ChangeLog,v 1.2352 2002/07/09 14:06:40 mouring Exp $ |
diff --git a/acconfig.h b/acconfig.h index d809d059d..147295510 100644 --- a/acconfig.h +++ b/acconfig.h | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $Id: acconfig.h,v 1.142 2002/07/07 20:43:36 tim Exp $ */ | 1 | /* $Id: acconfig.h,v 1.143 2002/07/09 14:06:40 mouring Exp $ */ |
2 | 2 | ||
3 | #ifndef _CONFIG_H | 3 | #ifndef _CONFIG_H |
4 | #define _CONFIG_H | 4 | #define _CONFIG_H |
@@ -310,6 +310,9 @@ | |||
310 | /* Define if X11 doesn't support AF_UNIX sockets on that system */ | 310 | /* Define if X11 doesn't support AF_UNIX sockets on that system */ |
311 | #undef NO_X11_UNIX_SOCKETS | 311 | #undef NO_X11_UNIX_SOCKETS |
312 | 312 | ||
313 | /* Define if the concept of ports only accessible to superusers isn't known */ | ||
314 | #undef NO_IPPORT_RESERVED_CONCEPT | ||
315 | |||
313 | /* Needed for SCO and NeXT */ | 316 | /* Needed for SCO and NeXT */ |
314 | #undef BROKEN_SAVED_UIDS | 317 | #undef BROKEN_SAVED_UIDS |
315 | 318 | ||
diff --git a/configure.ac b/configure.ac index aa9a5d215..120709876 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -1,4 +1,4 @@ | |||
1 | # $Id: configure.ac,v 1.76 2002/07/09 02:17:10 tim Exp $ | 1 | # $Id: configure.ac,v 1.77 2002/07/09 14:06:40 mouring Exp $ |
2 | 2 | ||
3 | AC_INIT | 3 | AC_INIT |
4 | AC_CONFIG_SRCDIR([ssh.c]) | 4 | AC_CONFIG_SRCDIR([ssh.c]) |
@@ -91,6 +91,7 @@ case "$host" in | |||
91 | AC_DEFINE(IPV4_DEFAULT) | 91 | AC_DEFINE(IPV4_DEFAULT) |
92 | AC_DEFINE(IP_TOS_IS_BROKEN) | 92 | AC_DEFINE(IP_TOS_IS_BROKEN) |
93 | AC_DEFINE(NO_X11_UNIX_SOCKETS) | 93 | AC_DEFINE(NO_X11_UNIX_SOCKETS) |
94 | AC_DEFINE(NO_IPPORT_RESERVED_CONCEPT) | ||
94 | AC_DEFINE(DISABLE_FD_PASSING) | 95 | AC_DEFINE(DISABLE_FD_PASSING) |
95 | AC_DEFINE(SETGROUPS_NOOP) | 96 | AC_DEFINE(SETGROUPS_NOOP) |
96 | ;; | 97 | ;; |
diff --git a/readconf.c b/readconf.c index 80d99fef1..bae06be12 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -199,7 +199,7 @@ add_local_forward(Options *options, u_short port, const char *host, | |||
199 | u_short host_port) | 199 | u_short host_port) |
200 | { | 200 | { |
201 | Forward *fwd; | 201 | Forward *fwd; |
202 | #ifndef HAVE_CYGWIN | 202 | #ifndef NO_IPPORT_RESERVED_CONCEPT |
203 | extern uid_t original_real_uid; | 203 | extern uid_t original_real_uid; |
204 | if (port < IPPORT_RESERVED && original_real_uid != 0) | 204 | if (port < IPPORT_RESERVED && original_real_uid != 0) |
205 | fatal("Privileged ports can only be forwarded by root."); | 205 | fatal("Privileged ports can only be forwarded by root."); |
diff --git a/serverloop.c b/serverloop.c index 134921355..912f62501 100644 --- a/serverloop.c +++ b/serverloop.c | |||
@@ -972,8 +972,11 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) | |||
972 | 972 | ||
973 | /* check permissions */ | 973 | /* check permissions */ |
974 | if (!options.allow_tcp_forwarding || | 974 | if (!options.allow_tcp_forwarding || |
975 | no_port_forwarding_flag || | 975 | no_port_forwarding_flag |
976 | (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)) { | 976 | #ifndef NO_IPPORT_RESERVED_CONCEPT |
977 | || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0) | ||
978 | #endif | ||
979 | ) { | ||
977 | success = 0; | 980 | success = 0; |
978 | packet_send_debug("Server has disabled port forwarding."); | 981 | packet_send_debug("Server has disabled port forwarding."); |
979 | } else { | 982 | } else { |